Locality Middleware
Middleware layer for Locality context initialization and validation.
Components
Section titled “Components”| Component | Location | Purpose |
|---|---|---|
InitializeLocality | app/Http/Middleware/ | Extract locality from route |
CheckLocalityConsistentWithLoginUser | app/Http/Middleware/ | Validate login user matches locality |
InitializeLocality
Section titled “InitializeLocality”File: app/Http/Middleware/InitializeLocality.php
Extracts locality from encrypted route parameters and initializes context via LocalityManager.
public function handle(Request $request, Closure $next): Response{ $route = $request->route();
if ($route !== null) { try { LocalityManager::initializeLocalityFromRoute($route); } catch (ModelNotFoundException $e) { throw new NotFoundHttpException( 'The ' . Str::snake(class_basename($e->getModel()), ' ') . ' cannot be found.', $e ); } }
return $next($request);}Error response (HTTP 404):
{"message": "The household cannot be found."}CheckLocalityConsistentWithLoginUser
Section titled “CheckLocalityConsistentWithLoginUser”File: app/Http/Middleware/CheckLocalityConsistentWithLoginUser.php
Validates that the login user has permission to access the current locality context.
- Clients: Must belong to the household
- Advisors: Must own or have collaboration access to the resource
Throws AccessDeniedHttpException on permission mismatch.
Encrypted Route Parameters
Section titled “Encrypted Route Parameters”Route parameters containing IDs are encrypted for security:
/advisors/{encrypted_advisor_id}/households/{encrypted_household_id}Decrypted in LocalityManager::initializeLocalityFromRoute() via Crypt::decryptId().
See Also
Section titled “See Also”- Locality - Core locality concepts and access restrictions